Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Libraries & Helpers Tank Auth v1.0 (CI authentication library)
Tank Auth v1.0 (CI authentication library)
  • El Forum
    Guest
  •  
#11
04-14-2009, 03:29 PM

[eluser]Gromozeka[/eluser]
The lib contains only core auth methods. Sorry, role management is out of them.
  • El Forum
    Guest
  •  
#12
04-15-2009, 02:39 AM

[eluser]playaz[/eluser]
Looks good@work so cant check this out til later Sad

Is there a live demo of this online anywhere? :-)

Thanks again dude, this sounds promising
  • El Forum
    Guest
  •  
#13
04-15-2009, 01:19 PM

[eluser]Laurentvw[/eluser]
Thank you, Gromozeka! When I was looking for an authorization library several months ago, I also stumbled on that StackOverflow page and decided to go for DX Auth.

Unfortunately though, I wasn't completely happy with the library. The 8 db tables, the lack of password security and the (unneeded) roles & permission features were just a few examples of that.

Tank Auth seems to be just what I was looking for! You've got all my support on this one Smile

I haven't looked at the code in too much detail yet, so can't judge on that one. Two little remarks though. E-mail/username field seems to be case-sensitive. Logging in without capitalization (laurentvw instead Laurentvw) failed. You may want to fix that.
Also, the captcha image isn't displaying. But I also had that problem when using DX Auth. Not sure why, I'm probably doing something wrong (I did chmod /captcha to 777), but it doesn't matter too much for me since I disabled captcha.

Anyway, thanks for the great library, good job!

Edit:
I managed to inject this using the user field on the login form: '; foo ' (which resulted in a sql error)
Related to:
Code:
function get_user_by_login($login, $activated = NULL)
{
    $req = "(username='".$login."' OR email='".$login."')";
    //...
}
  • El Forum
    Guest
  •  
#14
04-16-2009, 07:44 AM

[eluser]Gromozeka[/eluser]
Hi Laurentvw,

Thank you for your support and for the time you've spent to work with Tank Auth. Smile

I've fixed the issues you found. Now email and username fields are case-insensitive (so both 'laurentvw' and 'Laurentvw' will work). SQL-injection is also fixed. Please download the latest version (1.0.2) from the same location:

http://konyukhov.com/soft/tank_auth/tank_auth.zip

About captcha: I met the same problem with CAPTCHA while working with DX Auth, so maybe my experience will be useful for you. There were 2 problems: 1) server was unable to create captcha-files, and 2) browser was unable to show them.

The solution for 1st one was to fix write-rights for the captcha folder. Please notice, the path in the config-file is absolute and server-related. So if you set it this way: $config['captcha_path'] = 'img/captcha/'; then you will have to create folder img (with writable folder captcha inside) in the same directory where your system folder is.

If the captcha-images are been creating in this folder but the browser cannot render them, I recommend you to check your htaccess file -- maybe access to your captcha folder is not permitted (as it was in my case).

Hope that it will help you. Smile
  • El Forum
    Guest
  •  
#15
04-18-2009, 03:31 AM

[eluser]jabberjab[/eluser]
Really wish you hadn't used <php= tags :-P It would have definitely saved me some time integrating Tank Auth with my project
  • El Forum
    Guest
  •  
#16
04-18-2009, 09:31 AM

[eluser]Gromozeka[/eluser]
Hey, what's wrong with these tags?
  • El Forum
    Guest
  •  
#17
04-18-2009, 10:19 AM

[eluser]jabberjab[/eluser]
I am unable to use those tags on my server.

From what I've read using &lt;?= is frowned upon for code that is going to be distributed, because it's not always supported, that said it doesn't really matter to me now that I've converted all the &lt;?='s to &lt;? echo's Big Grin

Thanks again for this library -- Though there's one issue I keep having. When an email is sent (the verification email) only parts of the email is being sent.

It ends with;

"Finish your registration...

Link doesn't work? Copy the following link to y " <--

Perhaps it's just GMail. I'll see if it sends correctly to other email services. Smile
  • El Forum
    Guest
  •  
#18
04-18-2009, 10:30 AM

[eluser]Xeoncross[/eluser]
&lt;? causes problems if you are using things like XML and such. It is actually a feature I heard they might be removing from php because of the bad practice it creates.

Also it is a shame that you removed the role management - I guess I'll have to stick with DX Auth.
  • El Forum
    Guest
  •  
#19
04-18-2009, 01:54 PM

[eluser]Gromozeka[/eluser]
Sorry, I didn't think about it. The short tags work fine on my server.

Ok, &lt;?=$var?&gt; have been replaced with &lt;?php echo $var; ?&gt;

Please download the latest version and renew the view folder.
  • El Forum
    Guest
  •  
#20
04-19-2009, 10:28 AM

[eluser]jabberjab[/eluser]
Cool.
I've got a quick question. How do I retrieve the userID or username of a logged in user via tank_auth?




Theme © iAndrew 2016 - Forum software by © MyBB